If you are going to not blame sendmail, then there are two ways in which we can administer this medication. The first is to edit the /System -> Library -> StartupItems -> Sendmail -> Sendmail startup script in order to use the following commands to start up sendmail:Ok here's the nit to pick: If you are activating sendmail to merely send outgoing email via the mail command and are not accepting incoming email from another mail server, then do not start sendmail with the -bd flag. This launches sendmail and has it listening on port 25. Bad mojo if you are running a vulnerable version of sendmail. Instead, launch it with this:/usr/sbin/sendmail \ -OdontBlameSendmail=GroupWritableDirPathSafe -bd -q1h /usr/sbin/sendmail \ -OdontBlameSendmail=GroupWritableDirPathSafe \ -C /etc/mail/submit.cf -q1hThis does a pretty good job. However, some of the other commands...
/usr/sbin/sendmail -q1hAll this does is launch the daemon and clear the mail queue every hour. You should still be able to use mail command to send email. To make this change, edit the file /System -> Library -> StartupItems -> Sendmail -> Sendmail. Go to line 23 and change:
/usr/sbin/sendmail -bd -q1h to /usr/sbin/sendmail -q1h.
This will be create a more secure use of sendmail if all you want to do is use the mail command to send system cron alerts and such.

